FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 10-02-2010, 06:37 PM
Jim
 
Default SSH can't connect

On 10/02/2010 12:40 PM, Kalpa Welivitigoda wrote:
> On Sat, Oct 2, 2010 at 10:02 PM, Jim<binarynut@comcast.net> wrote:
>> Wether I run NX (nomachine) or SSH I get the same error message, no
>> matter what host I try to connect to.
>>
>> And on the host servers SSHd is running.
>> And so is the Client box.
>>
>> Running NX
>> Error message: ssh: connect to host 70.236.39.98 port 22: Connection
>> timed out
>>
>> Running $ ssh jim@70.236.39.98
>> ErrorMessage: ssh: connect to host 70.236.39.98 port 22: Connection
>> timed out
>>
> sometimes you may have changed the default port for ssh service. Check
> whether the port is 22.
> Check /etc/ssh/ssh_config in servers
>
>> --
>> users mailing list
>> users@lists.fedoraproject.org
>> To unsubscribe or change subscription options:
>> https://admin.fedoraproject.org/mailman/listinfo/users
>> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>>
>
>
Here is my;

/etc/ssh/ssh_config



# $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $

# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
# GSSAPITrustDNS no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
Host *
GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the
untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
# Send locale-related environment variables
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY
LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
SendEnv XMODIFIERS

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-02-2010, 06:43 PM
Jim
 
Default SSH can't connect

On 10/02/2010 02:34 PM, JD wrote:
> sudo iptables -L -n
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@Acer mickey]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:427
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:22
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
udp dpt:631
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 state NEW
udp dpt:5353
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:631
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
udp dpt:631
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
udp dpt:161
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-02-2010, 06:52 PM
JD
 
Default SSH can't connect

On 10/02/2010 11:43 AM, Jim wrote:
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22

OK, So port 22 is open.
Is this on the server where sshd is running or is this
on the client where you are invoking /usr/bin/ssh ??

If on the server, then take a look at the contents of
the server's
/var/log/secure
/var/log/iptables (if you have configured iptables to log there)
/var/log/messages

and search for any messages pertaining to ssh or port 22 ...etc

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-02-2010, 07:09 PM
stan
 
Default SSH can't connect

On Sat, 02 Oct 2010 13:53:32 -0400
Jim <binarynut@comcast.net> wrote:

> What is the -n -n After eth0 mean ?

man tcpdump

-n Don’t convert host addresses to names. This can be used to
avoid DNS lookups.

-nn Don’t convert protocol and port numbers etc. to names either.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-02-2010, 07:14 PM
Jim
 
Default SSH can't connect

On 10/02/2010 02:52 PM, JD wrote:
>
> On 10/02/2010 11:43 AM, Jim wrote:
>> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
> OK, So port 22 is open.
> Is this on the server where sshd is running or is this
> on the client where you are invoking /usr/bin/ssh ??
>
> If on the server, then take a look at the contents of
> the server's
> /var/log/secure
> /var/log/iptables (if you have configured iptables to log there)
> /var/log/messages
>
> and search for any messages pertaining to ssh or port 22 ...etc
>
/var/log/secure

This is the only entries, and they repeated a number of different times.

Sep 29 09:34:19 Acer sshd[1564]: Server listening on 0.0.0.0 port 22.
Sep 29 09:34:19 Acer sshd[1564]: Server listening on :: port 22.


/var/log/iptables

There is no /var/log/iptables on server.



/var/log/messages

There is no entries in /var/log/messages for port 22.


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-02-2010, 07:21 PM
Jim
 
Default SSH can't connect

On 10/02/2010 02:52 PM, JD wrote:
>
> On 10/02/2010 11:43 AM, Jim wrote:
>> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
> OK, So port 22 is open.
> Is this on the server where sshd is running or is this
> on the client where you are invoking /usr/bin/ssh ??
>
> If on the server, then take a look at the contents of
> the server's
> /var/log/secure
> /var/log/iptables (if you have configured iptables to log there)
> /var/log/messages
>
> and search for any messages pertaining to ssh or port 22 ...etc
>

Forgot to add in /var/log/messages.

These two lines are the only entering, and they appear a number of
different times and dates

avahi-daemon[1319]: Service "Acer" (/services/ssh.service) successfully
established.

avahi-daemon[1334]: Loading service file /services/ssh.service.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 10-02-2010, 08:02 PM
Roberto Ragusa
 
Default SSH can't connect

Jim wrote:
> On 10/02/2010 01:11 PM, Roberto Ragusa wrote:
>> Jim wrote:
>>> On 10/02/2010 12:32 PM, Jim wrote:
>>>> Wether I run NX (nomachine) or SSH I get the same error message, no
>>>> matter what host I try to connect to.
>>>>
>>>> And on the host servers SSHd is running.
>>>> And so is the Client box.
>>>>
>>>> Running NX
>>>> Error message: ssh: connect to host 70.236.39.98 port 22: Connection
>>>> timed out
>>>>
>>>> Running $ ssh jim@70.236.39.98
>>>> ErrorMessage: ssh: connect to host 70.236.39.98 port 22: Connection
>>>> timed out
>>>>
>>> I forgot to add;
>>>
>>> These are all FC13 boxes, clients and hosts and the Firewall in each box
>>> has SSH check as Trusted Service.
>> Try keeping a running
>> tcpdump -i eth0 -n -n
>> in a different terminal before invoking ssh.
>>
>> You should be able to see if packets are exchanged between the machines.
>> If you see your packets but no packet from the other machine, one of the
>> firewalls is interfering. You can sniff on the other side too for more
>> information.
>>
> Running your command I get a steady output of IP's I have never seen,
> example below
>
> 14:05:10.307914 ARP, Request who-has 69.243.174.143 tell 69.243.168.1,
> length 46
> 14:05:10.331512 ARP, Request who-has 69.243.175.116 tell 69.243.168.1,
> length 46
> 14:05:10.331695 ARP, Request who-has 71.25.91.72 tell 71.25.88.1, length 46
> 14:05:10.332746 ARP, Request who-has 69.243.175.114 tell 69.243.168.1,
> length 46
> 14:05:10.386862 ARP, Request who-has 69.243.170.149 tell 69.243.168.1,
> length 46
> 14:05:10.566254 ARP, Request who-has 69.243.174.15 tell 69.243.168.1,
> length 46
> 14:05:10.576918 ARP, Request who-has 73.45.175.36 tell 73.45.168.1,
> length 46
> 14:05:10.622413 ARP, Request who-has 69.243.174.176 tell 69.243.168.1,
> length 46
> 14:05:10.625877 ARP, Request who-has 73.44.155.236 tell 73.44.152.1,
> length 46
> 14:05:10.667900 ARP, Request who-has 69.243.175.116 tell 69.243.168.1,
> length 46
> 14:05:10.681633 ARP, Request who-has 69.243.175.114 tell 69.243.168.1,
> length 46
>

Quite strange output: ARP requests for 69.*, 71.* and 73.* networks
and nothing else. You only pasted 0.3 seconds of activity. Was there
something for 70.236.39.98 when you tried to ssh?
What kind of network connections do you have?
Is the 70.236.39.98 machine supposed to be contacted on eth0?

Would you give us some info about your network connection?
ifconfig -a
route -n

Thanks.
--
Roberto Ragusa mail at robertoragusa.it
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 01:10 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org